Hackers breach US emails
Chinese state-linked hackers have breached US Government email accounts.
Hackers have been discovered to have accessed approximately 25 organisations' email accounts, including those belonging to the US government.
The cyberespionage campaign, which started in May, was brought to light by both Microsoft and US officials.
The breach of federal government accounts was reportedly detected swiftly, enabling prompt action to prevent further compromises.
“The United States detected a breach of federal government accounts 'fairly rapidly' and managed to prevent further breaches,” stated Jake Sullivan, White House national security adviser, during an interview on ABC's "Good Morning America" program.
Microsoft, in its statement, revealed that the hacking group, known as Storm-0558, employed forged digital authentication tokens to gain unauthorised access to webmail accounts operating on the company's Outlook service.
Although Microsoft did not disclose the names of the impacted organisations or governments, the company said that the hacking group primarily targeted entities in Western Europe.
Following the breach, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint advisory to critical infrastructure organisations, providing guidance on enhancing monitoring of Microsoft Exchange Online environments.
The advisory stressed the importance of enabling both basic and premium logging, with an emphasis on making the logs easily searchable.